When the password hash synchronization channel is established and there aren't any password changes to be synchronized, a heartbeat event (EventId 654) is generated once every 30 minutes under the Windows Application Event Log. No password hash synchronization heartbeat eventsĮach on-premises Active Directory connector has its own password hash synchronization channel. If the Azure AD Connect server is in staging mode, password hash synchronization is temporarily disabled, and the following error is returned: If you haven't enabled password hash synchronization by using the Azure AD Connect wizard, the following error is returned:Īzure AD Connect server is in staging mode password hash synchronization feature isn't enabled The rest of this section describes specific results that are returned by the task and corresponding issues. The following diagram illustrates the results of the cmdlet for a single-domain, on-premises Active Directory topology: Validates that the Active Directory Domain Services (AD DS) accounts used by the on-premises Active Directory connector has the correct username, password, and permissions required for password hash synchronization. Validates that the domain is reachable from the Azure AD Connect server. Searches for password hash synchronization heartbeat events in the Windows Application Event logs.įor each Active Directory domain under the on-premises Active Directory connector: Validates that the password hash synchronization feature is enabled. Validates that the Azure AD Connect server is not in staging mode.įor each existing on-premises Active Directory connector (which corresponds to an existing Active Directory forest): Validates that the password hash synchronization feature is enabled for your Azure AD tenant. The troubleshooting task performs the following checks: Understand the results of the troubleshooting task In the sub menu, select Password hash synchronization does not work at all. In the main menu, select Troubleshoot password hash synchronization. On the Troubleshooting page, click Launch to start the troubleshooting menu in PowerShell. Navigate to the Additional Tasks page, select Troubleshoot, and click Next. Run Set-ExecutionPolicy RemoteSigned or Set-ExecutionPolicy Unrestricted. Open a new Windows PowerShell session on your Azure AD Connect server with the Run as Administrator option. To troubleshoot issues where no passwords are synchronized: The troubleshooting task is available only for Azure AD Connect version 1.1.614.0 or later. You can use the troubleshooting task to figure out why no passwords are synchronized. No passwords are synchronized: troubleshoot by using the troubleshooting task If you have an issue with individual objects, refer to the One object is not synchronizing passwords: manual troubleshooting steps section. If you have an issue where no passwords are synchronized, refer to the No passwords are synchronized: manual troubleshooting steps section. If you have an issue with individual objects, refer to the One object is not synchronizing passwords: troubleshoot by using the diagnostic cmdlet section.įor older versions of Azure AD Connect deployment: If you have an issue where no passwords are synchronized, refer to the No passwords are synchronized: troubleshoot by using the diagnostic cmdlet section. If you have an issue with individual objects, refer to the One object is not synchronizing passwords: troubleshoot by using the troubleshooting task section.įor deployment with version 1.1.524.0 or later, there is a diagnostic cmdlet that you can use to troubleshoot password hash synchronization issues: If you have an issue where no passwords are synchronized, refer to the No passwords are synchronized: troubleshoot by using the troubleshooting task section. If passwords are not synchronizing as expected, it can be either for a subset of users or for all users.įor Azure Active Directory (Azure AD) Connect deployment with version 1.1.614.0 or after, use the troubleshooting task in the wizard to troubleshoot password hash synchronization issues: This topic provides steps for how to troubleshoot issues with password hash synchronization.
0 Comments
Leave a Reply. |